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DETAILED ACTION 

This action is responsive to application 10/632,521 filed on 8/1/03. 



Continued Examination Under 37 CFR 1.114 

A request for continued examination under 37 CFR 1.114, including the fee set 
forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this 
application is eligible for continued examination under 37 CFR 1.114, and the fee set 
forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action 
has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 
1/22/2008 has been entered. 



Response to Amendment 

Claims 1, 53-65 and 80-85 have been amended and claims 74-79 have been 
cancelled. Accordingly, claims 1-11, 15-73 and 80-85 are pending. 



Claim Rejections - 35 USC §112 

The following is a quotation of the second paragraph of 35 U.S.C. 112: 

The specification shall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention. 



Claims 27 and 85 are rejected under 35 U.S.C. 112 second paragraph for 
claiming a trademark which renders the scope of the claims unclear. See MPEP 
2173.05(u). 
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Claim Rejections - 35 USC § 101 

35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or composition of 
matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the 
conditions and requirements of this title. 

Claim 65 is rejected under 35 U.S.C. 101 for being directed towards nonstatutory 
subject matter. Specifically the password management system claimed therein lacks 
the necessary hardware to define a hardware system and thus obviating the 
interpretation of being software per se. If Applicant is attempting to define a hardware 
system, there needs to be hardware defined in the claims as to prevent the system to 
being software per se. Otherwise, if Applicant is defining a software system, the 
software needs to be stored on a statutory medium (i.e. not including carrier waves, 
signals, etc.) so that the functionality of the claim may be realized. See MPEP 21 06.01 . 

Claim 53 is now accepted under statute 35 USC 101 as being a machine claim 
including a processor. 

Claim 61 is now accepted as being a machine claim for the processor coupled to 
memory recites necessary hardware elements to define a hardware apparatus rather 
than software per se. 

Claim 83 is now accepted under statute 35 USC 101 in view of Applicant's 
amendments. 
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Claim Rejections - 35 USC § 102 

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351(a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 

Claims 80-84 are rejected under 35 U.S.C. 102(e) as being disclosed by 
Hollingsworth (U.S. Patent 7,200,864). In the following, Hollingsworth teaches 

With respect to claim 80, A computer-implemented method comprising: 
retrieving a list of user accounts (310) from an identity integration system (col. 2 
line 54-56; e.g. universal access program for controlling passwords) having persisted 
identity information (col. 1 line 55 and col. 7 line 67-col. 8 line 10; i.e. storing passwords) 
regarding the user accounts (310 and col. 2 line 19-21) wherein, the identity integration 
system (col. 2 line 54-56; e.g. universal access program for controlling passwords) 
includes a management agent (col. 8 line 10-13) for each of multiple data sources (310, 
systems A-E) configured specifically for its respective data source (col. 8 line 10-13) to 
manage data communication between the identity integration system (col. 2 line 54-56; 
e.g. universal access program for controlling passwords) and each respective data 
source (310, systems A-E); 
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outputting a user interface (300) showing the list of user accounts (310) on a 
display (figure 3); 

allowing each account (i.e. the systems/programs in figure 3) in the list to be 
selected (315) using a user interface (figure 3) selection device (col. 4 line 23-25; e.g. a 
mouse or keyboard choosing means) operable to input selections (315) via the user 
interface (300) output on the display (figure 3); 

allowing input of a new password (362) via the user interface selection device 
(col. 4 line 23-25; e.g. a mouse or keyboard choosing means); and 

allowing input of a request to update old passwords (360) associated with each 
of the selected accounts (315, "X" marks) to the new password (365) input via the user 
interface (300). 

With respect to claim 81, the method as recited in claim 80, further comprising 
allowing input of user credentials to verify an identity of the user (366). 

With respect to claim 82, One or more computer readable storage media 
containing instructions that are executable by a computer to perform actions, 
comprising: 

selecting multiple data sources (315, 310) connected to an identity integration 
system col. 2 line 54-56; e.g. universal access program for controlling passwords); 
receiving a new password (362) input by a user to cause the new password (362) to be 
associated with each of the selected multiple data sources (315); and 
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using the identity integration system col. 2 line 54-56; e.g. universal access 
program for controlling passwords) to collectively update (col. 2 line 54-57 and col. 3 
line 52) a password associated with each of the selected multiple data sources (335) to 
the new password input by the user (362). 

With respect to claim 83, the one or more computer readable storage media as 
recited in claim 82, wherein at least some of the multiple data sources connected to the 
identity integration system communicate in a manner different than a native 
communication of the identity integration system (figure 1 and col. 5 line 20-25; e.g. the 
universal system may communicate with various computer systems). 

With respect to claim 84, the one or more computer readable storage media as 
recited in claim 82, wherein the identity integration system accomplishes a password 
update on each of the data sources regardless of whether the data sources connected 
to the identity integration system communicate in a manner different than a native 
communication of the identity integration system (col. 2 line 51-55). 

Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 
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Claims 1-11, 15-20, 22-69, 71-73, and 85 are rejected under 35 U.S.C. 103(a) as 
being unpatentable over Hollingsworth as applied to claims 80-84 above in view of 
Stone et al. ('Stone' hereafter, U.S. Patent Application 20070094392). 

With respect to claim 1 , Hollingsworth teaches method, comprising: 

outputting a user interface (300) configured to interact with an identity integration 

system (col. 2 line 54-56; e.g. universal access program for controlling passwords) to 

perform collective password management (col. 2 line 54-57 and col. 3 line 52; i.e. 

universal control of passwords) for multiple user accounts (310) associated with a user 

(335,330); 

receiving a selection (col. 4 line 35-40) of multiple data sources (315) connected 
to the identity integration system (col. 2 line 54-56; e.g. universal access program for 
controlling passwords) input by the user via the user interface (300), wherein: 

each of the multiple data sources (310) corresponds to a different one of said 
multiple user accounts (310 and 335; i.e. a user-assigned password for a system 
represents an account); 

the identity integration system (col. 2 line 54-56; e.g. universal access program 
for controlling passwords) includes a management agent for each of the multiple data 
sources configured specifically for its respective data source (col. 8 line 8-13; i.e. the 
adjustment of the secondary programs to allow the universal program to access and 
change the passwords of such secondary programs suggests a description of an agent 
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for the secondary program) to manage data communication between the identity 
integration system (col. 2 line 54-56; e.g. universal access program for controlling 
passwords) and each respective data source (system list 310); 

for at least some of the multiple data sources (figure 3, systems A-E) a 
management agent for the data source is configured with credentials to perform 
password management for a corresponding said user account (col. 8 line 10-12); and 
receiving a new password (362) input by a user via the user interface (300); and 
performing an administrative password operation on a multiple passwords (col. 3 
line 51-53) each associated with each one of the selected multiple data sources (310) to 
collectively update each said of the multiple passwords (figure 3 and col. 37-40) to the 
new password (362), wherein the password operation is performed using the identity 
integration system (col. 2 line 54-56; e.g. universal access program for controlling 
passwords). 

Hollingsworth does not expressly disclose for at least one of the multiple data 
sources a management agent for the data source calls for custom logic configured as 
code, from a custom logic source outside the identity integration system, to perform 
password management for the data source. 

Stone, however, teaches for at least one of the multiple data sources a 
management agent for the data source calls for custom logic configured as code (e.g. 
and XML file), from a custom logic source (administrator) outside the identity integration 
system, to perform password management for the data source (drawing reference 24 



Application/Control Number: 10/632,521 Page 9 

Art Unit: 2167 

and paragraphs 0038-0042) as a file or data structure composed by a system 
administrator to modify user attributes including user access data. 

In the same field of endeavor, (i.e. user access privileges), it would have been 
obvious to one of ordinary skill in the data processing art at the time of the present 
invention to combine the teachings of the cited references because Stone would have 
given Hollingsworth custom logic in the form of a file from an administrator for 
customizing the password management process in controlling various and multiple 
programs. Further, the custom logic as provided by Stone would have given the 
personnel of Hollingsworth's system more control over editing passwords for the 
multiple programs (as shown by Hollingsworth, col. 7 line 57-60). 

With respect to claim 2, Hollingsworth teaches the method as recited in claim 1, 
further comprising: determining an identity of a user, wherein the multiple data sources 
are associated with the identity (335); and 

querying the identity integration system to find the multiple data sources 
associated with the identity (col. 4 line 26-30; e.g. a list of programs to be controlled by 
a user). 

With respect to claim 3, Hollingsworth teaches the method as recited in claim 1, 
wherein the password operation comprises updating one or more passwords associated 
with the multiple data sources using joined objects across the multiple data sources, 
wherein the joined objects are stored in the identity integration system (figure 3, 315). 
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With respect to claim 4, Hollingsworth teaches the method as recited in claim 3, 
wherein some of the multiple passwords are updated to new passwords that differ from 
each other (335; e.g. 'monkeyl' and 'kitten2'). 

With respect to claim 5, Hollingsworth teaches the method as recited in claim 3, 
wherein each of the multiple passwords is updated to the same password (335, e.g. 
'monkeyl'). 

With respect to claim 6, Hollingsworth teaches, the method as recited in claim 1, 
wherein the password operation comprises one of changing, setting and resetting the 
password (col. 3 line 51-53). 

With respect to claim 7, Hollingsworth teaches the method as recited in claim 1, 
wherein each of the multiple data sources differ from others of the multiple data sources 
with respect to at least one of a protocol, a platform, a format, and a data transmission 
medium for data storage (col. 1 line 44-50). 

With respect to claim 8, the method as recited in claim 1 , wherein each of the 
multiple data sources differs in a connection to the identity integration system with 
respect to at least one of a protocol, a platform, a format, and a data transmission 
medium for data storage (figure 2). 
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With respect to claim 9, Hollingsworth teaches the method as recited in claim 1, 
wherein each of the multiple data sources uses a different password management 
function (col. 3 line 1-5; e.g. each program having its own specific password). 

With respect to claim 10, the method as recited in claim 9, wherein the identity 
integration system performs password management for each of the multiple data 
sources (col. 1 lie 36-38). 

With respect to claim 11, Hollingsworth teaches the method as recited in claim 1, 
wherein for at least some of the multiple data sources the identity integration system 
stores integrated identity information to perform password management (col. 1 line 55). 

With respect to claim 15, Hollingsworth teaches the method as recited in claim 1, 
further comprising using the identity integration system to produce a list of user 
accounts associated with the multiple data sources, wherein the user accounts on the 
list are eligible for password management (figure 3). 

With respect to claim 16, Hollingsworth does not expressly teach web application 
for password management. 

Stone, however, teaches a web application for password management (0040) for 
the entry attribute data for administering resources over a network. 
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In the same field of endeavor, (i.e. user access), it would have been obvious to 
one of ordinary skill in the data processing art at the time of the present invention to 
combine the teachings of the cited references because Stone would have given 
Hollingsworth a web application for controlling separate and multiple systems (See 
Hollingsworth, figs 1-2) for the benefit of enabling the system manager to efficiently 
manage multiple systems. Such a benefit would have been realized when 
Hollingsworth discusses the use of their system in a network environment (e.g. col. 5 
line 20-25 and figures 1-2, Hollingsworth). 

With respect to claim 17, Stone teaches the method as recited in claim 16, 
wherein the selecting multiple data sources and the performing a password operation 
are performed on a website generated by the web application (0077). 

With respect to claim 18, the method as recited in claim 17, wherein the web 
application accepts a password credential from a user to perform the password 
operation (figure 3, 366 and 362). 

With respect to claim 19, Hollingsworth does not expressly teach wherein the 
web application verifies an identity of a user by asking the user questions, wherein if 
answers provided by the user are correct then the web application performs the 
password operation using the identity of a privileged user account. 
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Stone, however, teaches wherein the web application verifies an identity of a 
user by asking the user questions (figure 20, 5104), wherein if answers provided by the 
user are correct (5106) then the web application performs the password operation using 
the identity of a privileged user account (figure 20). 

In the same field of endeavor, (i.e. user access), it would have been obvious to 
one of ordinary skill in the data processing art at the time of the present invention to 
combine the teachings of the cited references because the above limitations would 
further enable Hollingsworth's system to further verify a user. 

With respect to claim 20, teaches the method as recited in claim 17, further 
comprising using the identity integration system to produce a list of user accounts 
displayable on the website, wherein the user accounts are associated with the multiple 
data sources (figure 3). 

With respect to claim 22, Hollingsworth teaches the method as recited in claim 
17, further comprising communicatively coupling the identity integration system with the 
web application using an interface (figure 2). 

With respect to claim 23, Hollingsworth teaches the method as recited in claim 
22, wherein the interface is publicly available (col. 2 line 1-2; e.g. a user needing to log 
into the program describes that any user can be available to the system. 
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With respect to claim 24, Stone teaches he method as recited in claim 22, 
wherein the interface allows a web application designer to customize the web 
application (0021). 

With respect to claim 25, Hollingsworth teaches the method as recited in claim 
22, wherein the interface includes password management functions (350). 

With respect to claim 26, Hollingsworth teaches the method as recited in claim 
22, wherein the interface is capable of being changed for an improved version of the 
interface that adds more password management functions while using the same web 
application and the same identity integration system (col. 8 line 45-46). 

With respect to claim 27, Hollingsworth teaches the method as recited in claim 
22, wherein the interface is a WINDOWS MANAGEMENT INSTRUMENTATION 
interface (figure 3). 

With respect to claim 28, Hollingsworth teaches the method as recited in claim 

27, wherein the interface is secured using a security group (col. 7 line 58-60; e.g. 
authorized personnel). 

With respect to claim 29, Hollingsworth teaches the method as recited in claim 

28, wherein the interface is secured using a security group that allows both searching 
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for a connector object associated with a data source and setting a password for an 
object in the data source, wherein a connector object represents at least part of the data 
source in the identity integration system (col. 1 line 61-67). 

With respect to claim 30, Hollingsworth teaches the method as recited in claim 1, 
wherein an identity of a user associated with the multiple data sources provides a 
security credential for performing a password operation (coo. 2 line 1). 

With respect to claim 31, Hollingsworth teaches the method as recited in claim 
17, wherein the web application produces a list of accounts associated with a user 
(figure 3, 315). 

With respect to claim 32, Hollingsworth teaches the method as recited in claim 
31, wherein the web application lists only accounts eligible for password management 
(figure 3, 315). 

With respect to claim 33 Stone teaches he method as recited in claim 17, 
wherein the web application adopts a web application behavior based on a configuration 
setting (0042, (3)). 
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With respect to claim 34, Stone teaches the method as recited in claim 33, 
wherein the 15 configuration setting is stored in a configuration file (0042; e.g. a profile 
of a user) 

With respect to claim 35 Hollingsworth teaches the method as recited in claim 17, 
wherein the web application checks if one of the data sources is communicating before 
updating a password associated with the data source (col. 4 line 28-29; e.g. listing of 
the accessible programs). 

With respect to claim 36 Hollingsworth teaches the method as recited in claim 35, 
wherein the updating comprises one of changing and setting the password (col. 3 line 
51-52). 

With respect to claim 37, Stone teaches the method as recited in claim 17, 
wherein the web application checks if a connection to one of the data sources is secure 
before updating a password associated with the data source (0022, 0048). 

With respect to claim 38, Hollingsworth teaches the method as recited in claim 
37, wherein the updating comprises one of changing and setting the password (col. 3 
line 51-52). 
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With respect to claim 39, Stone teaches the method as recited in claim 1 , further 
comprising displaying a status for the password operation (0106, 0124). 

With respect to claim 40, Stone teaches the method as recited in claim 39, 
further comprising displaying the status on a webpage (0077). 

With respect to claim 41 , Stone teaches the method as recited in claim 1 , further 
comprising auditing the password operation (0028; i.e. success/error logs). 

With respect to claim 42, Stone teaches the method as recited in claim 41, 
further comprising maintaining a password management history for the password 
operation (0028; i.e. archiving the logs). 

With respect to claim 43, Stone teaches he method as recited in claim 42, further 
comprising keeping the password management history in a connector space object, 
wherein the connector space object is included in the identity integration system (0025). 

With respect to claim 44, Stone teaches the method as recited in claim 42, 
wherein the password management history includes a tracking identifier to an audit 
record of the password operation (0028). 
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With respect to claim 45, Stone teaches the method as recited in claim 41, 
further comprising maintaining a repository of audit records for password operations 
performed using the identity integration system 0082, drawing reference 42). 

With respect to claim 46, Stone teaches the method as recited in claim 45, 
wherein an audit 10 record for a password operation includes at least one of an 
identifier of a user associated with the password operation, a tracking identifier to a web 
application initiating the password operation, a tracking identifier to a connector object 
associated with the password operation, a tracking identifier to a management agent 
associated with the password operation, a password operation identifier, a password 
operation status, a date, and a time (0028, 0082). 

With respect to claim 47, Stone teaches the method as recited in claim 1 , further 
comprising associating custom logic (24) with a password operation, wherein the 
custom logic is executed after the password operation is performed (0052, 0074). 

With respect to claim 48, Stone teaches the method as recited in claim 47, 
wherein the custom logic sends an email (0085). 

With respect to claim 49, Stone teaches the method as recited in claim 47, 
wherein the custom logic logs password management activity (0028). 
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With respect to claim 50, Stone teaches the method as recited in claim 47, 
wherein the custom logic performs a password operation on a subsequent data source 
not connected to the identity integration system (figure 5). 

With respect to claim 51 , Hollingsworth teaches the method as recited in claim 1 , 
wherein the password operation further comprises updating passwords in both secure 
and non-secure data sources within the multiple data sources (col. 7 line 55-60). 

With respect to claim 52, Hollingsworth teaches the method as recited in claim 1, 
wherein the password operation further comprises updating passwords over both 
secure and non-secure connections to the multiple data sources (col. 3 line 1-15). 

With respect to claim 53, Hollingsworth teaches An apparatus comprising: 
a processor (col. 4 line 20-25); and 

a user identifier to find user identity information (col. 2 line 1-3) in an identity 
integration system (col. 2 line 54-56; e.g. universal access program for controlling 
passwords), wherein: 

the identity integration system (col. 2 line 54-56; e.g. universal access program 
for controlling passwords) includes a management agent (col. 8 line 10-13; e.g. 
secondary programs having their own passwords for access) for each of multiple data 
sources to manage data communication between the identity integration system (col. 2 
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line 54-56; e.g. universal access program for controlling passwords) and each 
respective data source (315); and 

identity information query logic to search information in the identity integration 
system for accounts associated with the user (col. 4 line 25-30 and figure 3; i.e. listing 
the systems accessible by a user); 

an account lister to display the accounts associated with the user (figure 3, 310); 

an account selector (col. 2 line 25-27) to designate at least some of the displayed 
accounts for password management (300); 

a password inputter to determine a new password (365) input by a user to 
associate with each designated accounts (figure 3, systems marked by 'X'); and 

a password manager to collectively manage passwords (col. 4 line 37-40) for the 
designated accounts figure 3, systems marked by 'X') by requesting an update of a 
password associated with each designated figure 3, systems marked by 'X') account to 
the new password (365), responsive to the user input (col. 4 line 30-40). 

Hollingsworth does not expressly teach web application for password 
management. 

Stone, however, teaches a web application for password management (0040) for 
the entry attribute data for administering resources over a network. 

In the same field of endeavor, (i.e. user access), it would have been obvious to 
one of ordinary skill in the data processing art at the time of the present invention to 
combine the teachings of the cited references because Stone would have given 
Hollingsworth a web application for controlling separate and multiple systems (See 
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Hollingsworth, figs 1-2) for the benefit of enabling the system manager to efficiently 
manage multiple systems. Such a benefit would have been realized when 
Hollingsworth discusses the use of their system in a network environment (e.g. col. 5 
line 20-25 and figures 1-2, Hollingsworth). 

Hollingsworth further does not expressly disclose for at least one of the multiple 
data sources a management agent for the data source calls for custom logic configured 
as code, from a custom logic source outside the identity integration system, to perform 
password management for the data source. 

Stone, however, teaches for at least one of the multiple data sources a 
management agent for the data source calls for custom logic configured as code (e.g. 
and XML file), from a custom logic source (administrator) outside the identity integration 
system, to perform password management for the data source (drawing reference 24 
and paragraphs 0038-0042) as a file or data structure composed by a system 
administrator to modify user attributes including user access data. 

In the same field of endeavor, (i.e. user access privileges), it would have been 
obvious to one of ordinary skill in the data processing art at the time of the present 
invention to combine the teachings of the cited references because Stone would have 
given Hollingsworth custom logic in the form of a file from an administrator for 
customizing the password management process in controlling various and multiple 
programs. Further, the custom logic as provided by Stone would have given the 
personnel of Hollingsworth's system more control over editing passwords for the 
multiple programs (as shown by Hollingsworth, col. 7 line 57-60). 
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With respect to claim 54, Hollingsworth teaches the apparatus as recited in claim 
53, wherein the identity integration system connects with diverse data sources, each 
data source having a different function for using password security (col. 3 line 1-5; e.g. 
each program having its own specific password). 

With respect to claim 55, Stone teaches the apparatus as recited in claim 53, 
further comprising an account status display to show selected accounts and a 
connection status of each account (0091). 

With respect to claim 56, Stone teaches the apparatus as recited in claim 53, 
further comprising a password management status display to display a password 
management operation status for each account (0106, 0124). 

With respect to claim 57, Stone teaches the apparatus as recited in claim 53, 
further comprising a status checker to verify connectivity and security of a connection 
between an account and the identity integration system (0022, 0048). 

With respect to claim 58 Stone teaches the apparatus as recited in claim 53, 
further comprising a configuration reader to obtain behavior settings for the web 
application (0042). 
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With respect to claim 59, Stone teaches the apparatus as recited in claim 53, 
further comprising a custom logic executor to perform custom logic associated with a 
password management operation (0024, receiver 28). 

With respect to claim 60, Hollingsworth teaches the apparatus as recited in claim 
53, 10 wherein the account lister lists only accounts eligible for password management 
(figure 3 and col. 4 line 26-30). 

With respect to claim 61, Hollingsworth teaches an apparatus comprising a 
processor coupled to memory, the memory storing one or more modules executable via 
the processor to implement: 

an interface for coupling an identity integration system (col. 2 line 54-56; e.g. 
universal access program for controlling passwords) with a password management web 
application; 

logic for communicating with the identity integration system (col. 2 line 54-56; e.g. 
universal access program for controlling passwords), wherein: the identity integration 
system (col. 2 line 54-56; e.g. universal access program for controlling passwords) is 
capable of collectively updating a password (col. 4 line 37-40) on multiple data sources 
(310) that use various functions of password updating (col. 3 line 1-5) responsive to 
input of a single new password (365) by a user; 

the identity integration system (col. 2 line 54-56; e.g. universal access program 
for controlling passwords) includes a management agent (col. 8 line 10-13) for each of 
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the multiple data sources (315) to manage data communication between the identity 
integration system (col. 2 line 54-56; e.g. universal access program for controlling 
passwords) and each respective data source (315); for at least some of the multiple 
data sources a management agent for the data source is configured with credentials to 
perform password management (col. 8 line 10-12); and 

logic for communicating with the password management web application (figure 
2 and 211); 

logic for checking a connection status between the identity integration system 
and a data source (col. 4 line 26-30; i.e. listing accessible programs). 

Hollingsworth does not expressly disclose for at least one of the multiple data 
sources a management agent for the data source calls for custom logic configured as 
code, from a custom logic source outside the identity integration system, to perform 
password management for the data source. 

Stone, however, teaches for at least one of the multiple data sources a 
management agent for the data source calls for custom logic configured as code (e.g. 
and XML file), from a custom logic source (administrator) outside the identity integration 
system, to perform password management for the data source (drawing reference 24 
and paragraphs 0038-0042) as a file or data structure composed by a system 
administrator to modify user attributes including user access data. 

In the same field of endeavor, (i.e. user access privileges), it would have been 
obvious to one of ordinary skill in the data processing art at the time of the present 
invention to combine the teachings of the cited references because Stone would have 
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given Hollingsworth custom logic in the form of a file from an administrator for 
customizing the password management process in controlling various and multiple 
programs. Further, the custom logic as provided by Stone would have given the 
personnel of Hollingsworth's system more control over editing passwords for the 
multiple programs (as shown by Hollingsworth, col. 7 line 57-60). 

Further, Hollingsworth does not expressly teach logic for searching for objects in 
the identity integration system. Stone, however, teaches logic for searching for objects 
in the identity integration system (0078) for searching of resources that may be 
accessed and managed. 

In the same field of endeavor, (i.e. user access), it would have been obvious to 
one of ordinary skill in the data processing art at the time of the present invention to 
combine the teachings of the cited references because Stone would have given 
Hollingsworth searching logic for creating a directory that lists user accessible resources 
for the benefit of further determining what systems a user has access to and providing a 
convenient listing of those systems. 

With respect to claim 62, Stone teaches the apparatus as recited in claim 61, 
further comprising logic for checking security of a connection between the identity 
integration system and a data source (0022 and 0048). 
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With respect to claim 63, Hollingsworth teaches the apparatus as recited in claim 
61, further comprising logic to change a password associated with the data source (col. 
3 line 50-53). 

With respect to claim 64, Hollingsworth teaches the apparatus as recited in claim 
61, further comprising logic to set a password associated with the data source (col. 3 
line 51). 

With respect to claim 65, Hollingsworth teaches A password management 
system, comprising: 

an identity integration system (col. 2 line 54-56; e.g. universal access program for 
controlling passwords having a metaverse space for persisting integrated identity 
information regarding accounts associated with a user (figure 3 and col. 7 line 65-col. 8 
Iine5), and a connector space for persisting information representing multiple data 
sources connectable to the identity integration system (335), the accounts each 
corresponding to one of the multiple data sources and having associated manageable 
passwords (figure 3); 

a web application for producing a list of the accounts (310) from the identity 
integration system (col. 2 line 54-56; e.g. universal access program for controlling 
passwords), for allowing selection of at least some of the accounts (315), for inputting 
by a user of a new password (362) to cause the new password to be associated with 
each of the selected accounts (col .3 line 51), and for requesting the identity integration 
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system (col. 2 line 54-56; e.g. universal access program for controlling passwords) to 
collectively update passwords (col. 4 line 35-40) on each of the selected accounts to the 
input new password (362); and 

an interface to communicatively couple the identity integration system with the 
web application (figure 2). 

Hollingsworth does not expressly teach web application for password 
management. 

Stone, however, teaches a web application for password management (0040) for 
the entry attribute data for administering resources over a network. 

In the same field of endeavor, (i.e. user access), it would have been obvious to 
one of ordinary skill in the data processing art at the time of the present invention to 
combine the teachings of the cited references because Stone would have given 
Hollingsworth a web application for controlling separate and multiple systems (See 
Hollingsworth, figs 1-2) for the benefit of enabling the system manager to efficiently 
manage multiple systems. Such a benefit would have been realized when 
Hollingsworth discusses the use of their system in a network environment (e.g. col. 5 
line 20-25 and figures 1-2, Hollingsworth). 

With respect to claim 66, Hollinger teaches the password management system 
as recited in claim 65, wherein the password management web application verifies one 
of an identity and a credential of a user (col. 2 line 1 and 366). 
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With respect to claim 67, Stone teaches the password management system as 
recited in claim 65, wherein the web application generates a webpage that displays 
accounts and a status of a password management operation for each account displayed 
(0106, 0124). 

With respect to claim 68, Hollingsworth teaches the password management 
system as recited in claim 65, wherein the web application operates in a security 
context (col. 7 line 57-60). 

With respect to claim 69, Hollingsworth teaches the password management 
system as recited in claim 68, wherein the security context is an application pool identity 
(col. 7 line 57-60; e.g. authorized personnel). 

With respect to claim 71 , Stone teaches the password management system as 
recited in claim 65, wherein the identity integration system stores a password 
management operation history for each account (0028; i.e. archiving the logs). 

With respect to claim 72, Hollinger teaches the password management system 
as recited in claim 65, wherein the identity integration system communicates with 
diverse accounts, each account having a different mechanism for administering a 
password associated with the account (figure 2; i.e. communicating with multiple 
programs). 
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With respect to claim 73, Stone teaches the password management system as 
recited in claim 72, wherein the identity integration system does not natively 
communicate with at least some of the diverse accounts (0019 and 0045-0046). 

With respect to claim 85, Stone teaches the one or more computer readable 
storage media as recited in claim 84, wherein the identity integration system 
accomplishes a password update on at least one of an ACTIVE DIRECTORY® data 
source, a SUN ONE server data source, a LOTUS NOTES server data source, a 
WINDOWS® NT TM server data source, a NOVELL® EDIRECTORY TM server data 
source, and a flat file data source (0032). 

Claims 21 and 70 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Hollinger and Stone as applied to claims 1-11, 15-20, 22-69, 71-73, and 85 above 
in view of Bush et al. ('Bush' hereafter) (U.S. Patent Application 2002/0083012). 

With respect to claim 21 and similar claim 70, the combination of Hollinger and 
Stone fails to teach a help desk to at least assist in the performing a password 
operation. 

Bush, however, teaches a help desk to at least assist in the performing a 
password operation (0024, i.e. sending a password by telephone to the user) for 
assisting in new user registration. 
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In the same field of endeavor, (i.e. password management), it would have been 
obvious to one of ordinary skill in the data processing art at the time of the present 
invention to combine the teachings of the cited references because Bush's system 
would have given Hollinger and Stone's system a more user friendly and efficient 
method of helping a user to establish an account. 

With respect to claim 70, the combination of Hollinger and Stone fails to teach 
the password management system as recited in claim 69, further comprising a help 
desk application, wherein the web application denies a user access to the help desk 
application if a security group of the user is not approved by the web application. 

Bush, however, teaches a help desk application, wherein the web application 
denies a user access to the help desk application if a security group of the user is not 
approved by the web application (0024, and 0039) for assisting in new user registration. 

In the same field of endeavor, (i.e. password management), it would have been 
obvious to one of ordinary skill in the data processing art at the time of the present 
invention to combine the teachings of the cited references because Bush's system 
would have given Hollinger and Stone's system a more user friendly and efficient 
method of helping a user to establish an account. 

Response to Arguments 

Applicant's arguments, see pages 23-34 of the reply filed 1/22/2008, with respect 
to the rejection(s) of claim(s) 1-11, 15-20, 22-26, 28-69, 71-73, and 80-85 under 35 
U.S.C. 102 (e) in view of Stone have been fully considered and are persuasive. 
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Specifically Stone is not seen to expressly teach the collective updating of passwords. 
Therefore, the 102 rejection has been withdrawn. However, upon further consideration, 
a new ground(s) of rejection is made in view of the combination of Hollingsworth and 
Stone as presented above under 35 U.S.C. 103(a). 

As seen in the above, Hollingsworth provides a universal password controlling 
system equipped with an interface for user selection of systems in order to manage their 
associated passwords. Therefore, Hollingsworth is seen to teach the collective 
updating and management of multiple passwords. 

Conclusion 

The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. 

U.S. Patent 7,275,258 to Arbab et al. The subject matter disclosed therein 
pertains to the pending claims (i.e. resetting passwords on a group level and 
management of multiple passwords; e.g. see figure 6). 

U.S. Patent 7,069,271 to Fadel et al. The subject matter disclosed therein 
pertains to the pending claims (i.e. managing multiple accounts and their passwords). 
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Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Robert M. Timblin whose telephone number is 571-272- 
5627. The examiner can normally be reached on M-F 8:00-4:30. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Jean R. Homere can be reached on 571-272-3780. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 
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